pentest-cloud-infrastructure

star 282

Cloud security posture management and container security assessment for AWS, Azure, GCP, and Kubernetes.

jd-opensource By jd-opensource schedule Updated 2/11/2026
play_arrow Run Skill in Manus View GitHub

name: pentest-cloud-infrastructure description: Cloud security posture management and container security assessment for AWS, Azure, GCP, and Kubernetes.

Pentest Cloud Infrastructure

Purpose

Assess the security configuration of cloud environments and containerized infrastructure to detect misconfigurations, excessive permissions, and vulnerabilities.

Core Workflow

  1. Cloud Config Audit: Assess cloud provider configuration (AWS/Azure/GCP) using prowler and scoutsuite.
  2. IaC Scanning: Analyze Infrastructure-as-Code (Terraform, CloudFormation) for security flaws using checkov and terrascan.
  3. Container Security: Scan container images and runtime environments using trivy, clair, and dockle.
  4. Kubernetes Assessment: Audit K8s clusters for CIS compliance and vulnerabilities using kube-bench and kube-hunter.
  5. Runtime Monitoring: Analyze runtime behavior and rule violations using falco.

References

  • references/tools.md
  • references/workflows.md
Install via CLI
npx skills add https://github.com/jd-opensource/JoySafeter --skill pentest-cloud-infrastructure
Repository Details
star Stars 282
call_split Forks 54
navigation Branch main
article Path SKILL.md
More from Creator
jd-opensource
jd-opensource Explore all skills →